12 September 2015

4 Must-Do's When Testing Cloud-Based Apps & Portals

The cloud has transformed the way applications are designed, built and delivered. It's a powerful platform that requires an equally comprehensive software testing strategy to ensure your cloud-based app or portal becomes a real asset for your oganisation.

Follow these four core principles to ensure that each patch or new version of your app is fast, secure and behaves as it should:

Useability Testing: does the application deliver the promised set of features? Today's app users will find bugs that cannot be uncovered by simple old-school funtional testing. Thus, a thorough exploratory testing strategy should be implemented so that your organisation finds the glitches before your users do.

Performance Testing: irrespective of your industry, your users will be left underwhelmed, frustrated (and you will lose them quickly) if your app is slow at processing their requests and actions. In order for your app to (at least) meet industry benchmarks for speed and performance, your app should gather performance-related data at various stages and your team should undertake comprehensive performance testing to ensure that each user is served the most optimal experience.

Security Testing: the cloud can leave apps open to an unprecedented and fast-changing array of malicious and unwanted visitors. Access control and data privacy and integrity mechanisms must be designed and implemented in a way that repels deliberate and accidental intruders. Unless you have ethical hackers on your payroll, it's always a good idea to call in security testing experts to verify that the force field you have built for your app does what it should, and more.

Third-Party Dependancy Testing: this is an oft overlooked vulnerability in an environment where utilising external services is as simple of copying and pasting a few lines of JS. Third-party components often form a vital element in your feature set, but they can also degrade the performane of your app and / or leave it vulnerable to intrusion. Your testing strategy should specifically test the down-stream impact of third-party dependencies.

Now that you know what to test, how are you going to do it? How much of it needs to be automatic versus manual testing? Do you have the expertise to implement your testing plan in-house or do you need help from external pinch-hitters?